From 739dda131898f09d7c086dee3f055e5570bced51 Mon Sep 17 00:00:00 2001
From: Chaim Lev-Ari <chiptus@users.noreply.github.com>
Date: Wed, 17 Feb 2021 04:39:22 +0200
Subject: [PATCH] fix(endpoint): skip tls for kube endpoints (#4788)

---
 api/http/handler/endpoints/endpoint_update.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/api/http/handler/endpoints/endpoint_update.go b/api/http/handler/endpoints/endpoint_update.go
index 172c8a45c..2d5bff5a8 100644
--- a/api/http/handler/endpoints/endpoint_update.go
+++ b/api/http/handler/endpoints/endpoint_update.go
@@ -8,7 +8,7 @@ import (
 	httperror "github.com/portainer/libhttp/error"
 	"github.com/portainer/libhttp/request"
 	"github.com/portainer/libhttp/response"
-	"github.com/portainer/portainer/api"
+	portainer "github.com/portainer/portainer/api"
 	"github.com/portainer/portainer/api/bolt/errors"
 	"github.com/portainer/portainer/api/http/client"
 	"github.com/portainer/portainer/api/internal/edge"
@@ -209,6 +209,11 @@ func (handler *Handler) endpointUpdate(w http.ResponseWriter, r *http.Request) *
 				return &httperror.HandlerError{http.StatusInternalServerError, "Unable to remove TLS files from disk", err}
 			}
 		}
+
+		if endpoint.Type == portainer.AgentOnKubernetesEnvironment || endpoint.Type == portainer.EdgeAgentOnKubernetesEnvironment {
+			endpoint.TLSConfig.TLS = true
+			endpoint.TLSConfig.TLSSkipVerify = true
+		}
 	}
 
 	if payload.URL != nil || payload.TLS != nil || endpoint.Type == portainer.AzureEnvironment {